Anya has already posted about what Brexit means for the future of data protection in the UK and there is a general consensus that anyone thinking they can ignore the GDPR now should think again. But just in case Anya Proops QC wasn’t authoritative enough for you (unlikely, I know), Baroness Neville-Rolfe gave a speech on 4 July which touched on data protection in our brave new world. Baroness Neville-Rolfe is, as any fule noe, the Minister for Data Protection. Continue reading
Brexit & the Future of Data Protection Revisited
So five days on from the Brexit referendum and it is clear that that there is no clear, carefully thought out strategy for extricating ourselves from the EU legal edifice. If you feel that this ‘make it up as we go along’ approach to the biggest legal and political challenge which our country has faced in decades is somewhat less than satisfactory, you will be pleased to learn you are not alone.
But if the path to Brexit is unclear you can at least assume that the journey will not be swift. Indeed, it seems likely that it will take at least two years and probably more before we part company with our EU brethren. Why does this matter, apart from the fact that it leaves our country in a protracted state of general confusion and uncertainty? Well for the readers of this blog it matters because there is at least one major piece of EU legislation which is due to take effect within the next two years, namely the EU General Data Protection Regulation.
Brexit and the Future of Data Protection
THIS POST SHOULD BE READ IN CONJUNCTION WITH MY MORE RECENT POST ON THIS SUBJECT – SEE HERE
As we all reel in shock at today’s news, thoughts will inevitably turn to how our impending divorce from Europe will impact on the sphere of data protection. Our own data protection laws have of course been profoundly shaped by Europe. Until yesterday, many had assumed that Europe’s control over our data protection laws would in due course become even more intensive, as we journeyed into a world in which the EU Data Protection Regulation reigned supreme across Europe. However, the clocks have stopped. The Regulation is not to become law in the UK. The future of data protection law is therefore necessarily shrouded in mystery. Continue reading
Environmental information: Court of Appeal to consider the bigger picture
It is often remarked that there is a paucity of clear binding authority on how to interpret the definition of “environmental information” set out in regulation 2 of the Environmental Information Regulations 2004. The issue is important: it is pivotal to whether a request for information is considered under the EIR or under FOIA. The leading domestic authority to date is the decision of the Upper Tribunal in DECC v IC and Henney [2015] UKUT 0671 (AAC). Continue reading
Hold Me Close, I’m an Academic
If I am an extremely well-regarded academic at Cambridge (don’t snigger at the back, I could be) and due to my eminence I do some unpaid voluntary work for a major international group (here, the Inter-Governmental Panel on Climate Change), the work in relation to which I do over my university email account, are those emails held by the University under the Environmental Information Regulations 2004 (“EIR”)?
Employment Law and Data Protection
Employment lawyers have tended to see data protection as an employee weapon; in particular the strategic fishing expedition subject access request as a precursor to High Court or Tribunal claims. But there is at least one angle from which the DPA can be used as a weapon of attack by employers against former employees. Where an employee leaves their employer and takes a client list with him, not only will he be in breach of the usual restrictive covenants he is likely to have, but he may also have committed a criminal offence under section 55 DPA. Continue reading